[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	673/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-JSONPOINTER-1577288	No	Proof of Concept
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: handlebars

The new version differs by 22 commits.

• 8d22e6f v4.0.12
• 3c970cc Update release notes
• abba3c7 Update release notes
• 4bf1c4f Update release notes
• 41b6a11 Merge branch '4.x' of github.com:wycats/handlebars.js into 4.x
• 2d28f92 bump grunt-plugin-dependencies to 1.x versions
• 29b1744 style: omit linting error caused by removing "if"
• d130ed2 chore: bump various dependencies
• 2145c14 bump grunt-plugin-dependencies to 1.x versions
• 8359722 style: omit linting error caused by removing "if"
• a1d864d chore: bump various dependencies
• 0ddff8b unnecessary check
• 288e986 Docs: Document branches in the CONTRIBUTING guide
• 30df8a1 Testcase for accessing @ root from a partial-block
• cda544b Add package.json to components shim
• 69c6ca5 Use `files` field
• a4e39bd Fix release-notes (links to contributors` pages)
• b86b918 Fix release-notes (links to github-repo)
• d3d3942 upgrade uglify-js
• 73d5637 Update dependencies "async" to 2.5.0 and "source-map" to 0.6.1
• 7729aa9 Update grunt-eslint to 20.1.0
• 8947dd0 Update jsfiddle to 4.0.11

See the full diff

Package name: is-my-json-valid

The new version differs by 56 commits.

• 58d30cb 2.20.6
• f76edf0 Merge pull request Added new formatter webhintio/hint#188 from axelniklasson/master
• 4eef089 Upgrade jsonpointer to address security vulnerability
• 441f812 2.20.5
• d36a1b1 Merge pull request Update rule list automatically webhintio/hint#182 from ChALkeR/chalker/fix-comma
• b6ea484 Fix uri prefix detection
• 5389c5b Merge pull request Add lint for Markdown files webhintio/hint#181 from ChALkeR/chalker/fix-undef
• df5b313 add funding file
• c224619 Fix 'required' implementation
• 2534af4 2.20.4
• 22c6b76 Merge pull request Use test.afterEach.always instead of test.afterEach webhintio/hint#180 from ChALkeR/chalker/fix-style
• ccde29d Fix a ReDoS in 'style' format
• 9df4acb 2.20.3
• 3419563 only inline allocated vars
• adf40bd 2.20.2
• c3fc04f limit regex if maxLength is set
• 314a36f test on 12
• 2684bd0 2.20.1
• 0fb366a use maxItems in unique check
• 60111f4 2.20.0
• 8c11f77 Merge pull request Allow users to specify target browsers webhintio/hint#175 from LinusU/meta
• b6d9b3f Cleanup package metadata
• dcea5be 2.19.0
• 1712811 Merge pull request Add tests to cli.ts webhintio/hint#171 from mafintosh/ts-nullable

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic